User-generated content permissions status analysis system and method

ABSTRACT

A method for user-generated content privacy control, including: detecting a trigger event, identifying a post for permissions analysis, determining permissions for the post, and storing the updated permissions in a post indexing system.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a continuation of U.S. application Ser. No.14/971,607, filed 16 Dec. 2015, which claims the priority of U.S.Provisional Application No. 62/093,749 filed 18 Dec. 2014, which areincorporated in their entirety by this reference. This application isalso a continuation-in-part of U.S. application Ser. No. 14/882,318,filed 13 Oct. 2015, which claims the priority of U.S. ProvisionalApplication No. 62/063,078, filed 13 Oct. 2014. U.S. patent applicationSer. No. 14/882,318, filed 13 Oct. 2015 is a continuation-in-part ofU.S. application Ser. No. 14/643,958, filed 10 Mar. 2015, which is acontinuation-in-part of U.S. application Ser. No. 14/574,966, filed 18Dec. 2014, which claims the benefit of U.S. Provisional Application No.61/918,126, filed 19 Dec. 2013, U.S. Provisional Application No.62/060,407, filed 6 Oct. 2014, and U.S. Provisional Application No.62/006,632, filed 2 Jun. 2014. U.S. patent application Ser. No.14/643,958 is also a continuation-in-part of U.S. patent applicationSer. No. 14/501,436, filed 30 Sep. 2014, which is a continuation-in-partof U.S. patent application Ser. No. 14/043,479, filed 1 Oct. 2013, whichclaims the benefit of U.S. Provisional Application No. 61/709,103, filed2 Oct. 2012, U.S. Provisional Application No. 61/782,687, filed 14 Mar.2013, and U.S. Provisional Application No. 61/784,809, filed 14 Mar.2013. U.S. patent application Ser. No. 14/501,436 also claims thebenefit of U.S. Provisional Application No. 61/885,322, filed 1 Oct.2013.

This application is related to U.S. application Ser. No. 14/643,958filed 10 Mar. 2015, which is incorporated in its entirety by thisreference.

TECHNICAL FIELD

This invention relates generally to the social networking post analysisfield, and more specifically to a new and useful system and method fordynamic permissions determination in the social networking post analysisfield.

BACKGROUND

A problem arises when user-generated content is requested by a thirdparty system from a post analysis system that aggregates socialnetworking system posts. While the analysis system may have access tothe post (e.g., through access granted by the authoring user account orconnection of the authoring account), the third party may not haveaccess to the post, and therefore should not be able to see the postcontent.

Furthermore, post permissions change over time. An authoring account mayretroactively change post previously having a public status to a privatestatus, retroactively change previously private post to have a publicstatus, delete the post, delete the account, set the entire previouslypublic account to have a private status, release a previously private orlimited-access account to have a public status, or otherwiseretroactively change the status of the post.

Because it is undesirable to send posts that the third party does nothave permission to view to the third party in violation of privacycontracts and/or send post identifiers that link to post that the thirdparty (e.g., wherein such links lead the third party to empty orotherwise unavailable post listings in a post feed provided by the postanalysis system), the substantially up-to-date privacy settingsassociated with the post should be checked prior to sending the post oran identifier thereof to a third party.

Thus, there is a need in the social networking post analysis field tocreate a new and useful system and method for dynamic permissionsdetermination. This invention provides such new and useful system andmethod for dynamic permissions determination.

BRIEF DESCRIPTION OF THE FIGURES

FIG. 1 is a flowchart diagram of the permissions verification method.

FIG. 2 is a flowchart diagram of a variation of the permissionsverification method interfacing with a post source (e.g., socialnetworking system) through an API.

FIG. 3 is a flowchart diagram of a variation of the permissionsverification method interfacing with a post source (e.g., socialnetworking system) through user accounts.

FIG. 4 is a schematic representation of a variation of the permissionsverification method, including indexing the post.

FIG. 5 is a schematic representation of multiple variants of detecting aset of trigger events and identifying post identifiers for permissionsanalysis.

FIG. 6 is a schematic representation of a variation of performing thepermissions verification method in response to receipt of a request toview a third-party user-created album of posts from the third party.

FIG. 7 is a schematic representation of a variation of performing thepermissions verification method in response to receipt of a request toview posts satisfying a set of query parameters.

FIG. 8 is a schematic representation of a variation of performing thepermissions verification method in an event detection application.

DESCRIPTION OF THE PREFERRED EMBODIMENTS

The following description of the preferred embodiments of the inventionis not intended to limit the invention to these preferred embodiments,but rather to enable any person skilled in the art to make and use thisinvention.

As shown in FIG. 1, the method for permissions verification includesdetecting a trigger event S100, identifying a post for permissionsanalysis S200, determining permissions for the post S300, and storingthe updated permissions in a post indexing system S400. The method canadditionally include selectively enabling post access to a third partyin response to the post permissions satisfying a permissions condition.The method can additionally include updating a stored permissions statusfor the post, updating a stored permissions status for the authoringuser account, updating a stored permissions status for a second useraccount associated with the authoring user account, and updating the astored permissions status for a secondary post authored by the seconduser account. The method functions to verify that a third party accountor entity has access to any requested post, prior to post or postidentifier transmission to the third party account. This can function toprevent private posts from being released to third parties, preventthird parties from attempting to utilize private or limited-accessposts, and/or prevent third party frustration when the third party isunable to access the post due to a permissions change or post removal.All or a portion of the method can be automatically performed, performedin response to occurrence of a trigger event, or otherwise performed.All or a portion of the method can be performed in real-time, near-realtime, or at any other suitable frequency. The method or portions thereofcan be performed concurrently (e.g., in parallel), serially, or in anysuitable order for the same set of posts, same set of user accounts,different set of posts, and/or different sets of user accounts.

The method preferably controls access and data flow between a postsource (e.g., social networking system), a post analysis system, and athird party system, but can alternatively control data access betweenany other suitable set of computing systems. The post source (e.g.,social networking system), post analysis system, and third party systemare preferably separate and distinct systems or services (e.g., withdifferent access permissions), but can alternatively be part of the samesystem or service.

1. Specific Example of the Method.

In a specific example of permissions verification utilization, themethod verifies post permissions in an event detection system, whereinthe post permissions are checked prior to granting third-party access tocontent streams for a detected event. The event detection system andmethod can be those disclosed in U.S. application Ser. No. 14/882,318filed 13 Oct. 2015, incorporated herein in its entirety by thisreference, but can alternatively be any other suitable event detectionsystem.

In this example (shown in FIG. 8), a user authors a post on the postsource (e.g., social networking system) through a user account, and thepost is transmitted to the post analysis system. The post analysissystem receives the post and determines a set of posts parameter valuesfor the post (e.g., based on the post metadata, content, context, etc.).The post analysis system can subsequently discard the post contents orretain the post contents. The post parameter values are preferablyretained (e.g., irrespective of the post permissions status), but canalternatively be discarded in response to determination of a privatepermissions status for the post, or otherwise processed.

The post analysis system can additionally detect an event based on thepost parameter values, add the identifier for the post (post identifier)to a content stream for the event, and notify a third party system ofthe event. The post identifiers for subsequent posts (authored by thesame or different user accounts on the same or different post source)can be automatically added to the content stream upon determination thatthe respective post is associated with the event (e.g., based on therespective post's post parameter values, etc.), be added to the contentstream upon determination that the respective post is associated withthe event and has a public permissions status (e.g., such that onlypublic posts are added to the event content stream), or be added to thecontent stream based on any other suitable set of conditions being met.

Upon receipt of a request for the event content stream from the thirdparty, the post analysis system can: check the permissions for each postidentified within the event content stream against the source socialnetworking system, selectively remove post identifiers for now-privateposts from the event content stream, selectively add post identifiersfor now-public posts to the event content stream, and send the editedcontent stream to the third party system. The third party system canthen view the content of the posts identified in the edited contentstream, wherein the post content can: be sent to the third party as partof the edited content stream, be retrieved from the source (e.g., sourcesocial networking system) by the third party system based on the postidentifier, or be otherwise received by the third party system. Thethird party system can additionally publish the post content to a publicendpoint.

In a variant of the specific example, the post content is publishedthrough a widget (e.g., web browser widget) embedded within the publicendpoint, wherein the widget periodically: receives the edited contentstream, retrieves the post content from the source (e.g., source socialnetworking system), and displays (e.g., publishes) the post content atthe public endpoint. The widget can be part of the post analysis system,third party system, or any other suitable system. The post permissionstatuses can be checked each time the edited content stream is sent tothe widget, or be checked at any other suitable frequency. The widgetcan be on the third party backend, be embedded within the web browserwindow opened by a consumer of the third party public endpoint, or beotherwise associated with the third party. Alternatively, theuser-generated content can be broadcast (e.g., on a news outlet),published on a dashboard, provided to a third-party content analysissystem, or otherwise utilized. However, user-generated content can beotherwise surfaced to the third party. However, the method can be usedin any other suitable application.

2. Benefits.

This method can confer several benefits in solving the Internet-centricproblem of user privacy. First, this method functions as an intermediarybetween the source (e.g., source social networking system) and the thirdparty, such that the system provides an additional layer of privacy andsecurity on top of that already provided by the post source (e.g.,social networking system).

Second, variations of the method limit dissemination of user-generatedcontent by only sending post identifiers to the third parties, whereinthe third parties must retrieve the post content from the post sources(e.g., source social networking systems). This leverages the postsources' (e.g., social networking systems') privacy controls (inaddition to the system's privacy controls), which will prevent releaseof the requested post content to the third party if the privacy settingshave been changed in the interim (e.g., between post identifiertransmission and post content request).

Third, variations of the method limit dissemination of user-generatedcontent by checking the permissions status of the post and/or useraccount before transmission to a third party, such that only publiccontent is released to third parties. This can additionally function toprevent post identifiers for private posts from being sent to the thirdparty, which will prevent undesirable blank or unavailable frames frombeing shown at the third party endpoint.

Fourth, variations of the method discard the post content after postindexing, such that post content cannot be transmitted to the thirdparty by the system, as it is not stored by the system. In someembodiments of these variants, the post content can be reduced to—andstored as—a set of post parameter values characterizing the postcontent. These embodiments can confer the additional benefit of storingrelevant post information without storing the data-intensive postcontent itself.

Fifth, variations of the method can leverage the aforementioned postrepresentations (e.g., the post parameter values, not the post itself,etc.) in secondary applications. This can function to increase eventdetection accuracy and/or precision, to train post parameter valuedetermination algorithms, to refine relevant user-generated contentidentification algorithms, or be used in any other suitable manner inany other suitable secondary application. This can additionally functionto identify and bookmark private posts that are relevant to an event(e.g., event posts), such that the posts can be rapidly added into acontent stream for posts related to the event (e.g., event contentstream). However, the method can confer any other suitable set ofbenefits.

3. System.

The method preferably controls access and data flow between a postsource (e.g., social networking system), a post analysis system, and athird party system, but can alternatively control data access betweenany other suitable set of computing systems.

3.1 Post Analysis System.

The method is preferably performed by a post analysis system, whichfunctions to control third-party access to user-generated content(posts). The post analysis system preferably accesses posts from thepost source (e.g., social networking system), and selectively surfacesposts (or post identifiers) to the third party system. However, the postanalysis system can receive post content from any other suitable source,and selectively surface the post (e.g., send the post identifier) to anyother suitable endpoint.

The post analysis system can access the posts on the post sources (e.g.,social networking systems) through the user accounts belonging to otherusers (enabled user account), as shown in FIG. 4, wherein the users hadgranted post analysis system access to the respective user account.However, the post analysis system can otherwise access the posts. Thepost analysis system is preferably capable of accessing the postavailable to the enabled user account (e.g., has read access to the useraccount), but is incapable of generating post on behalf of the enableduser account (e.g., has read-only access, but no write access, to theenabled user account). However, the post analysis system can havewrite-only access, read/write access, or any other suitable access tothe enabled user account. The post analysis system is preferablypermitted access to posts authored by the enabled user account, postauthored by other user accounts to which the enabled user account hasaccess (e.g., wherein the enabled user account is a friend of theauthoring user account, wherein the post has friends-only privacysettings, public post, etc.), or any other suitable post. Alternativelyor additionally, the post analysis system can access the post sources(e.g., social networking systems) through a public page or a publicaccount (e.g., an account having little or no direct connections withother user accounts). However, the post analysis system can access thepost on the post sources (e.g., social networking systems) in any othersuitable manner. Posts can be pushed by the post source (e.g., socialnetworking system) to the post analysis system in response to the postposting on the post source (e.g., social networking system), sent by thepost source (e.g., social networking system) in response to a requestsent by the post analysis system to the post source (e.g., socialnetworking system) (e.g., wherein the request can be sent at apredetermined frequency or at any other suitable time), or sent to thepost analysis system in any other suitable manner.

The post analysis system can additionally function to store parametervalues, permissions status (e.g., current, updated, and/or historic), orany other suitable information for each post, user account, user, or anyother suitable entity abstraction. The post analysis system preferablypersistently stores the information, but can alternatively temporarilystore or otherwise store the information.

For each post, the post analysis system can determine and store: a postidentifier, post parameter values, a permissions status, and/or anyother suitable information for the post. The post identifier preferablyuniquely identifies the post, but can alternatively uniquely identifythe post within the post source (e.g., social networking system), withinthe post analysis system, or otherwise identify the post. The postidentifier can be a URI (e.g., supplied by the post source, such as asocial networking system), system-assigned identifier, or any othersuitable identifier. The post identifier is preferably used as arepresentative for the post, wherein all post information is stored inassociation with the post identifier within the post analysis system.However, the post information can be otherwise stored. The post contentis preferably accessible on the post source (e.g., social networkingsystem) through the post identifier, but can alternatively be otherwiseaccessed. The post parameter values are preferably automaticallydetermined by the post analysis system in response to receipt of thepost (e.g., in real or near-real time), but can alternatively beperformed at any other suitable frequency. The post parameter values canbe determined based on the post content, the post context (e.g., time,geographic location, etc.), or any other suitable post information. Whenthe post parameter values are determined based on the post content, thepost analysis system can receive the post content, determine the postparameter values based on the content, and discard the post contentafter post parameter value determination. Alternatively, the postcontent can be stored by the post analysis system. The post permissionsstatus is preferably the most recently verified permissions status forthe post, but can alternatively be a real-time status, a history ofpermissions statuses, or be any other suitable permissions status forthe post. The post permissions status can be retrieved from the postsource (e.g., the source social networking system from which the postwas received), determined by attempting to access the post through auser account not connected to the authoring user account, or beotherwise determined.

For each user account, the post analysis system can determine and store:a user account identifier, user account login, a permissions status,identifiers for auxiliary user accounts associated with the useraccount, or any other suitable information for the user account. Theuser account permissions status is preferably the most recently verifiedpermissions status for the user account, but can alternatively be areal-time status, the most restrictive current permissions status forany post authored by the user account (e.g., determined from apermissions summary for the user), a history of permissions statuses, orbe any other suitable permissions status for the user account. The useraccount permissions status can be retrieved from the post source (e.g.,social networking system), determined by attempting to access a postauthored by the user account through a test user account not connectedto the authoring user account, be determined as a summary of thepermissions statuses of the posts authored by the user account, bedetermined based on the permissions statuses of auxiliary user accountsassociated with the user account (e.g., wherein the permissions statusfor the user account is changed to match the permissions status for theauxiliary user account), or be otherwise determined.

The auxiliary user accounts can be on the same post source (e.g., socialnetworking system) as the user account or on different post sources(e.g., social networking systems). The auxiliary user accounts arepreferably associated with the same user as the user account, but canalternatively be associated with a different user. The auxiliary useraccounts can be linked by the user to the user account (e.g., on thepost analysis system, on the post source or social networking system,etc.), automatically determined by the post analysis system (e.g., basedon a common email address between a first and second user account, basedon common patterns of behavior, based on matching post content authoredby the two accounts, etc.), or be otherwise associated with the useraccount. In one variation, the post analysis system can determine andstore a user permissions status for a user, based on all socialnetworking system user accounts associated with the user. However, thepost analysis system can determine and store any other suitable set ofinformation.

The post analysis system can additionally include or be connected to anevent detection system configured to detect an event based on the postparameter values of one or more posts in real- or near-real time. In oneexample, the event detection system can be that disclosed in U.S.application Ser. No. 14/882,318. However, the post analysis system caninclude any other suitable event detection system. The event detectionsystem can additionally function to identify posts associated with thedetected event (event posts) and/or aggregate the event posts into anevent content stream. The event posts can be posts geographically andtemporally proximal the event geographic location and/or occurrencetime, posts having content about or related to the event, posts havingpost parameter values substantially similar to the event's parametervalues, or be any other suitable post of the plurality. The eventdetection system can additionally store the event parameter values(e.g., determined based on the event posts' parameter values, etc.),store post identifiers of the event posts in association with the eventidentifier, or store any other suitable information related to theevent. However, the event detection system can function in any othersuitable manner. However, the post analysis system can include any othersuitable module configured to analyze and/or leverage the user-generatedcontent in any other suitable manner.

The post analysis system preferably includes a set of servers, butalternatively or additionally includes a set of user devices (e.g.,mobile devices, such as laptops, tablets, etc.) or any other suitablecomputing system. In one variation, the post analysis system includes aset of master modules (e.g., servers or processes) associated with a setof slave modules, wherein the master modules can identify the set ofposts and distribute permission checking tasks for the set of postsamongst the respective slave modules. The posts within the set arepreferably associated by a common parameter. For example, the posts canbe associated by a common event to which it is related, commonthird-party entity, common post album (e.g., created by a third partyentity, automatically generated in association with an event, etc.), orhave any other suitable common parameter. Alternatively, the postswithin a set can be unassociated. Alternatively, each slave module canbe assigned the set of posts in its entirety. The slave modulespreferably determine the privacy settings for the posts in parallel(e.g., substantially concurrently, independent of other slave module,etc.), but can alternatively determine the privacy settings serially orin any other suitable order. Each master module is preferably associatedwith one or more slave modules. Each slave module can be associated witha single master module, or be associated with multiple master modules.The master module preferably determines the checking priority for eachpost, but the slave module can alternatively determine the checkingpriorities for the post assigned to the respective slave server.However, the posts can be otherwise processed (e.g., post parametervalues extracted, post permissions statuses checked, etc.) in parallelor in series.

3.2. User-Generated Content and Post Sources.

The method is preferably performed with a set of posts. The post (i.e.,electronic messages, user-generated content, persistent content,persistent data, persistent post, etc.) preferably includes postcontent, but can alternatively or additionally include any othersuitable information. Examples of post content include: images, videoclips (e.g., temporally organized image frames), audio clips, text,links, URLs, references, and/or any other suitable content. The post ispreferably generated by an authoring user through an authoring useraccount, but can alternatively be automatically generated or generatedin any other suitable manner. The post is preferably authored by asingle user account, but can alternatively be authored by multiple useraccounts. The post is preferably generated on a social networkingsystem, but can alternatively be a generated through any other suitableplatform. The post is preferably generated on a single social networkingsystem, but can alternatively be generated on multiple social networkingsystems or on any other suitable platform. The post is preferablyreceived by the post analysis system from one or more online postsources (e.g., social networking systems) in real time, near-real time,at a predetermined frequency, or at any other suitable rate. Multipleposts can be concurrently received from the post sources. Alternatively,the post source can include news sources, blogs, or any other suitablepost source. The method is preferably capable of accessing andaggregating posts from one or more post sources.

The post can additionally include metadata (i.e., an associated set ofdata properties). The metadata can include a timestamp, a geographiclocation (e.g., geotag, GPS coordinates, name of geographic location,etc.), a measure of location precision (e.g., radius of uncertainty), acategorization or identifier for the mobile device generating the post,a user account identifier, the post capture mechanism (e.g., frontcamera or back camera), or any other suitable parameter. The postmetadata can be associated with the post by the user device creating thepost, by the user account controlling creation of the post, by asecondary user account, by the post source (e.g., social networkingsystem) receiving the post, by the computing system as part of themethod, or associated with the post in any other suitable manner.

The post can additionally be associated with a time, location,permissions setting, or any other suitable parameter from the posts ofthe electronic message. For example, a geographic location can bedetermined for and associated with the post in the manner disclosed inSer. No. 14/043,479 filed 1 Oct. 2013, incorporated in its entirety bythis reference. However, any other suitable information can bedetermined and/or associated with the post in any other suitable manner.In another example, the post can include a textual reference to an event(e.g., through an event name, URL, or other suitable event identifier orreference), wherein the post can be associated with a known event timeand event location associated with the event. In another example, animage can be processed to extract location or time-related metadata(e.g., exchangeable image file format data), extract a location from theimage post (e.g., by image matching with a database), extract a locationtag, or extract any other suitable information. In another example, thepost can include text that references a location (e.g., a location name)and/or a time (e.g., a date, a time, a duration from the time of postgeneration, etc.), wherein the referenced location and/or time are theassociated location and/or time. In another example, the post canreference a secondary source (e.g., a secondary user account), whereinpost authored by the secondary user account includes a location and/or atime. The location and/or time associated with the primary post can bethe referenced location and/or time found in the post authored by thesecondary user account.

The post is preferably authored by a user at a user device, wherein theuser device sends the post to the remote computing system or thesecondary remote computing system. However, the post can be generated byany other suitable system. The user device can include one or moreserver computers, desktop computers, laptop computers, notebookcomputers, sub-notebook computers, netbook computers, netpad computers,set-top computers, handheld computers, Internet appliances, mobilesmartphones, tablet computers, personal digital assistants, video gameconsoles, vehicles, televisions, video players, tablets, or any othersuitable user device. The devices can be stand-alone or networked. Thedevice is preferably connected to the remote computing system (e.g., aserver system, cloud computing system, distributed computing system,mesh network, database, etc.), but can alternatively be connected to anyother suitable system. The device can be wirelessly connected to theremote computing system by a long range wireless connection, such asWiFi, a cellular network service, or any other suitable long rangewireless connection, or be connected by a short range connection, suchas radiofrequency, Bluetooth, near field, or any other suitable shortrange communication connection. Alternatively, the device can beconnected to the computing system by a wired connection, such as a LANline. The device can include a storage and/or memory device. The storageand/or memory device is one or more physical apparatuses used to storedata or programs on a temporary or permanent basis. The device caninclude volatile memory and requires power to maintain storedinformation. The device can additionally or alternatively includenon-volatile memory and retains stored information when the digitalprocessing device is not powered. The device can additionally oralternatively include a display (e.g., LED, LCD, etc.) to send visualinformation to a user. The device can additionally or alternativelyinclude an input device (e.g., keyboard, touchscreen, etc.) to receiveinformation from a user.

Each post source is preferably an online service, platform, or site(e.g., digital social networking system, virtual social networkingsystem, Internet-hosted social networking system, etc.) that preferablyincludes a plurality of user accounts, wherein each user account ispreferably associated with a unique user. Examples of post sourcesinclude social networking systems, news outlets, user devices (e.g.,configured to generate automatic updates), or any other suitable postsource. Examples of social networking systems include Facebook, Twitter,LinkedIn, a digital group formed from linked email addresses, or anyother suitable digital networking system. The post source preferablystores the generated post (e.g., the post content), but canalternatively facilitate persistent or temporary post storage on anexternal storage system.

The post generated by an authoring user account is preferably displayedon a user page or post feed (i.e., post stream) of the user account onthe respective post source. The post feed for a user account can includeuser-generated content (e.g., content posted by the user account to thesocial networking service). The content feed for a user account canadditionally or alternatively include content posted by secondary useraccounts to the post source. The secondary user accounts can be useraccounts that are followed, friended, or otherwise directly connected tothe user account. Alternatively, the secondary user accounts can beaccounts that are indirectly connected to the user account, or notconnected to the user account. The post feed is preferably atime-ordered list (e.g., ordered according to the time of generation),more preferably inversely time-ordered with the most recent post at thetop of the list, but can alternatively be ordered according topopularity (e.g., as determined from the number of views of the post,number of actions on the post, etc.), relevance, or ordered according toany other suitable parameter.

The post source (e.g., social networking system) can additionally storepermissions settings (e.g., privacy settings) in association with theauthoring user account or the post. The privacy settings are preferablyselected by the authoring user account, but can alternatively beautomatically determined or determined in any other suitable manner. Inone variation, the user account can be associated with a privacy summary(e.g., user account privacy settings) summarizing access permissions tothe user account and/or content generated by the user account. Theprivacy summary can include global access permissions (e.g., wherein thesettings apply at an account level), access permissions for specificpost sets (e.g., wherein different sets of posts can have differentaccess permissions), the most restrictive access permission for allposts authored by the user account, or a summary of any other suitableaccess permissions for the user account and/or content generated by theuser account. In a second variation, the user account can include aglobal privacy setting (e.g., wherein the settings apply at an accountlevel), wherein a secondary user account would require access to theauthoring user account, or be otherwise qualified, to view authored postand/or account information. For example, the secondary user account canfall within a category of account qualified to view the post, beincluded on a list of accounts that are permitted access, or beotherwise qualified to view or otherwise access the post. In a secondvariation, the post can be individually associated with a privacysetting (e.g., the permissions apply at a post or post level), wherein asecondary user account must qualify to view each specific post. In athird variation, a set of posts (e.g., posts sharing a commoncharacteristic) can be associated with a common privacy setting. In afourth variation, a set of user accounts (e.g., user accounts sharing acommon characteristic) can be associated with a common privacy setting.However, the post source (e.g., social networking system) can storeprivacy settings for any suitable user account, posts (e.g.,user-generated content), or combination thereof.

The privacy settings can be public, wherein access to the content isgranted globally to all secondary user accounts and/or accessiblewithout a user account (e.g., public); limited, wherein access to thecontent is granted to a predetermined or limited set of secondary useraccounts or account categories; private, wherein access to the contentis denied globally and accessible to only the authoring account;deleted, wherein access to the content is denied globally, even to theauthoring account; or be granted to any other suitable set of secondaryuser accounts. In some variations, any privacy setting wherein access tothe content is denied to a set of secondary user accounts or accountcategories can be classified as restricted. Examples of restrictedsettings include: limited settings, private settings, and deletedsettings. However, any other suitable set of privacy settings with anysuitable set of access permissions can be stored in association with theuser account and/or posts.

Each unique user can be associated with a user account on one or moresocial networking services. The post analysis system can aggregate postsauthored by one or more user accounts that are associated with a user.The user preferably indicates the user accounts associated with the user(e.g., usernames) for each of the social networking services to whichthe user belongs on the post analysis system, such as by entering and/orsigning into each social networking service through the post analysissystem (e.g., native application or browser application) signing intothe post analysis system through OAuth, or otherwise linking one or morepost source user accounts to the post analysis system. However, useraccounts that are associated with the user across multiple socialnetworking services can be otherwise determined.

3.3 Third Party System.

The third party account or entity is preferably interested in the postinformation (e.g., the post content, post identifier, post parametervalues, etc.), but can alternatively be interested in the user accountinformation, derivatory information (e.g., event parameter values,etc.), or in any other suitable information related to the posts. Thethird party entity is preferably not directly connected to the authoringuser accounts on the post sources (e.g., social networking systems), butcan alternatively be connected to the authoring user accounts. Forexample, the third party entity can be a media entity that distributesthe post it receives. In one specific example, the third party entitycan be a news source, wherein the news source can present the postthrough a secondary distribution channel (e.g., television, radio,etc.). Alternatively, the third party account or entity can be securitypersonnel, wherein the post can be used to identify a security breach,altercation, or other security event. Alternatively, the third partyaccount or entity can be a company, branding entity, or advertisemententity, wherein the entity can distribute the post through one or moreadvertising channels. Alternatively, the third party account or entitycan be a financial entity, wherein the entity can utilize (e.g., analyzethe post and perform subsequent methods based on the analysis),distribute the post, or use the post in any other suitable manner.However, the third party entity or account can be or be associated withany other suitable entity.

The third party entity is preferably associated with a third partysystem through which the third party entity accesses the post analysissystem. The third party system can be a user device, server system, orbe any other suitable computing system. In operation, the third partysystem can send a content request to the post analysis system, whereinthe post analysis system can return content streams, post identifiers,post content, and/or other information requested by the content request.The content request can be: a curation request, wherein the post contentis requested for third party curation of the content stream; apublication request, wherein the post content is requested forpublication to a public endpoint (e.g., on air, on a public website,etc.); or be any other suitable request. The request can include anendpoint identifier (e.g., URI, etc.), wherein the requested, processedinformation is sent to the endpoint identifier, or include any othersuitable information. The post analysis system can treat differentcontent requests in the same manner or in different manners. In oneexample, the post analysis system can check the permissions statuses ofthe post identifiers sent to the third party system at a predeterminedfrequency when the content requests are curation requests, but re-checkthe permissions statuses of the post identifiers sent to the third partysystem immediately prior to post identifier transmission when thecontent requests are publication requests. However, the permissionsstatuses can be otherwise verified based on the content request type.

4. Method.

4.1 Detecting the Trigger Event.

Detecting a trigger event S100 functions to identify when updatedpermissions statuses (privacy settings, privacy status, accesspermissions) should be determined. The permissions status can be for apost, a plurality of posts, a user account on a post source (e.g.,social networking system), or multiple user accounts on multiple postsources. Updating the permissions status upon determination of thetrigger event can additionally function to reduce the processing load byselectively determining when the permission statuses for each postshould be determined.

In a first variation, the trigger event can include receiving a new postfrom the post source (e.g., social networking system). This variationcan function to determine the post's permission status as the post isreceived. New posts are preferably posts that have not been indexedand/or stored by the system, but can alternatively be any other suitablepost. In this variation, the method can additionally include indexingthe post Silo. Indexing the post can include processing the post inresponse to post receipt from the post source, determining postparameter values for the post (e.g., extracting post features and/orparameters from the post context and/or content), determining a postidentifier for the post (e.g., assigning a unique post identifier to thepost, extracting the post identifier from the post, retrieving the postidentifier from the post source, etc.), and storing the post identifier,post parameter values, and other post information in a post index. Thedetermined post permission status is preferably additionally stored withthe post identifier in the post index, but can be otherwise stored. Thenew post can be automatically pushed to the system by the post source(e.g., in response to post posting on the post source). Alternatively,the new post can be received in response to a request sent by the systemto the post source. The system can send the request at a predeterminedfrequency, in response to receipt of a query from a user (e.g., for aset of posts, for new post, for post satisfying a set of parameters,etc.), in response to determination of a permissions status change for apiece of co-authored post, or sent at any other suitable time. Therequest can include post parameter values, wherein the received postpreferably satisfies the post parameter values. The post parameters caninclude temporal limitations (e.g., recurrent times, a definedtimeframe, etc.), geographical limitations, authoring user accountlimitations, viewing user account limitations, subject matterlimitations, media type limitations, or any other suitable restrictionor lack thereof. The permission status for the new post can bedetermined for the new post in real- or near real-time, as the post isreceived from the post source. Alternatively, new post can be placed ina queue for permission status determination. Alternatively, thepermission status can be determined at any other suitable time inresponse to receipt of new post.

In a second variation, the trigger event can include receiving a requestfor the post from the third party. This variation functions to verifythat the post to be sent to the third party satisfies a thresholdpermission status (e.g., has a public status) prior to post and/or postidentifier transmission to the third party. The request can be a directrequest for the post, or be an indirect request for the post. Therequest can be for the post identifier (e.g., the URI linking to thepost on the post source), post content, post parameter value, summary ofthe post parameter values, content stream or album including the postidentifier, or any other suitable information for the specific post. Therequest can be an album request, as shown in FIG. 6, wherein the postwithin a user-created album is requested. The request can be an eventrequest, wherein posts associated with an event is requested. Therequest can be a search request (e.g., curation request), as shown inFIG. 7, wherein post substantially matching the search criteria (e.g.,search terms, keywords, phrases, images, sound patterns, etc.) arerequested. However, any other suitable post can be requested. Therequest is preferably received from the third-party account, but canalternatively be received from any other suitable endpoint. In thisvariation, the permissions for each post satisfying the request can bedetermined or verified before the post is sent to the requesting entity.Alternatively, the permissions for each post can be determined orverified as the entity is browsing though the list of post. Thepermissions for the post to be viewed can be determined as the post iscoming into view at the third party device, determined immediatelybefore the post is to be viewed, determined when a secondary post apredetermined number of spots ahead of the post is being viewed (e.g.,anticipatory real-time permissions determination), or determined at anyother suitable time. Alternatively, the post can be sent to therequesting entity as long as the post permissions were verified within athreshold time duration before post information transmission. However,the post permissions can be determined at any other suitable time.

In a third variation, the permissions status is determined at apredetermined frequency, wherein the trigger event can be the passing ofa predetermined period of time since the last determination. Thefrequency of permissions determination for each post indexed by thesystem is preferably different, but can alternatively be the same. Thefrequency can be associated with a post set (e.g., an album, eventcontent stream, etc.), individual posts, or with any other suitable setof posts.

The frequency of permissions status determination can be determinedbased on the request frequency for the post, more preferably the requestfrequency for the post set with which the post is associated butalternatively the request frequency for the post itself. For example,permissions for the post within a first set of posts can be verified ata first frequency, while permissions for the post within a second set ofposts can be verified at a second frequency. The first frequency ispreferably more frequent than the second frequency when the first set ofposts is viewed or requested more frequently than the second set ofposts is viewed or requested. However, the frequency of permissionsstatus determination can be determined in any other suitable manner.

Alternatively, the frequency of permissions status determination can bedetermined based on the age of the post, wherein newer post can have ahigher probability of being viewed, requested, included within a set ofposts to be viewed or requested, or otherwise interacted with. Thefrequency can decay as a function of post age, post viewing probability,or any other suitable post parameter.

Alternatively, the frequency of permissions status determination can bedetermined based on whether the post is associated with an event and/orbased on the event with which the post is associated. Higher frequenciescan be selected for popular events (e.g., events having high request orviewing rates) or events predicted to be popular (e.g., based on machinelearning techniques), and lower frequencies can be selected for postthat are unassociated with any events. However, the frequency ofpermissions status determination can be determined in any other suitablemanner.

In a fourth variation, the trigger event can include the post or useraccount identifier rising to the top of a queue for permissionsdetermination. The post or user account can be placed in the queue inresponse to determination that the post or user account has a privatepermissions status, in response to determination that the permissionsstatus of the post or user account has changed, or in response to anyother suitable condition being met. The post or user account can beplaced at the bottom of the queue, inserted partway within the queue, orotherwise added to the queue.

In a fifth variation, the trigger event can include detecting a changein the pattern of permissions for a post, examples of which are shown inFIG. 5. In this variation, the method can include: determining thepermissions status for a post, comparing the post's updated permissionsstatus with a reference permissions status, and determining a difference(change, deviation, discrepancy) between the post's updated permissionsstatus and the reference permissions status, wherein the differencebetween the updated permissions status and the reference permissionsstatus functions as the trigger event. The reference permissions statuscan be the stored permissions status of the post (e.g., priorpermissions status for the post, last permissions status for the post),the stored permissions status of the authoring user account, the storedpermissions status of a prior post authored by the user account, thestored permissions status of a prior post authored by an auxiliary useraccount (e.g., second user account associated with the authoring useraccount; second user account associated with the same user as theauthoring user account, etc.); the stored permissions status of a priorpost, having similar post parameter values, authored by an auxiliaryuser account; the stored permissions status of an auxiliary useraccount; the stored permissions status for the majority of the postsauthored by the user account or user (e.g., across all user accountsassociated with the user); the anticipated permissions status for thepost; or be any other suitable reference permissions status. The priorpost can be the last post received from the respective user account orbe any other suitable prior post authored by the respective useraccount. The prior post having similar post parameter values can be apost that shares subject matter, keywords, location, tags, recurrenttimes (e.g., time of the day, day of the week, etc.), parameter valuepatterns, or any other suitable parameter with the analyzed post. Theanticipated permissions status for the analyzed post can beautomatically or otherwise determined. For example, the anticipatedpermissions can be determined based on historical post co-authored bythe user account and/or the user associated with the user account (e.g.,posts from other social networking systems). The anticipated status candetermined by an anticipation module (e.g., probability based on machinelearning techniques, learned status assignment patterns) or bedetermined in any other suitable manner.

The difference between the post's permissions status and the referencepermissions status is preferably determined when the permissions statusfor the analyzed post differs from the reference permissions status, butcan alternatively be determined when any other suitable condition issatisfied. In a first example, the difference is detected when thepost's permission status changes from private (the stored permissionsstatus) to public (the updated permissions status) or vice versa. In asecond example, the difference is detected when the post's updatedpermission status is private, but the stored user account permissionsstatus is public, or vice versa. However, the difference can beotherwise determined. However, the trigger event can be any othersuitable event.

In a sixth variation, the trigger event can include detecting a changein the pattern of permissions for a user account. In this variation, themethod can include: determining the permissions status for the useraccount, comparing the user account's updated permissions status with areference permissions status, and determining a difference (change,deviation, discrepancy) between the user account's updated permissionsstatus and the reference permissions status, wherein the differencebetween the updated permissions status and the reference permissionsstatus functions as the trigger event. The reference permissions statuscan be any of the reference permissions status described for the fourthvariation, but can alternatively be any other suitable referencepermissions status. The difference between the user account'spermissions status and the reference permissions status is preferablydetermined when the permissions status for the analyzed post differsfrom the reference permissions status but can alternatively bedetermined when any other suitable condition is satisfied. In a firstexample, the difference is detected when the user account's permissionstatus changes from private (the stored permissions status) to public(the updated permissions status) or vice versa. In a second example, thedifference is detected when the user account's updated permission statusis private, but the stored permissions status for the last received postis public, or vice versa. However, the difference can be otherwisedetermined.

However, the trigger event can include the automatic addition of thepost identifier to a content stream, manual addition of the postidentifier to a content stream, receipt of a user input, or be any othersuitable event.

4.2 Identifying a Set of Posts for Permissions Analysis.

Identifying a set of posts for permissions analysis S200 functions tolimit the number of posts analyzed at any given time, or limit thenumber of posts queued for analysis. This can additionally oralternatively function to prioritize posts for permissions statusanalysis. The posts are preferably identified by the respective postidentifiers, but can alternatively be identified by post content, postparameter value (e.g., media, associated keyword, etc.), or be otherwiseidentified. The set of posts can be identified after detection of one ormore trigger events, be identified before occurrence of the triggerevent (e.g., wherein occurrence of the trigger event triggerspermissions statuses to be checked), or be identified at any othersuitable time.

In a first variation, the set of posts can be old posts, or posts thathave been previously analyzed by the system. Prior analysis can includeprior permissions status determination, prior post indexing andinformation storage, or any other suitable analysis performed on thepost. The old posts are preferably identified in response to anassociated trigger event being met, but can alternatively be identifiedat any other suitable time. For example, old posts can be identified forpermissions analysis in response to detecting a change in the pattern ofpost permissions in a second piece of co-authored post, in response todetecting a change in the pattern of permissions for the authoring useraccount, in response to detecting a change in the pattern of permissionsfor a post authored by an auxiliary user account, in response todetecting a change in the pattern of permissions for an auxiliary useraccount, in response to receipt of a request to view the post set withwhich the old post is associated, in response to the old postprogressing within a permissions analysis queue, in response to apredetermined time period being met (e.g., wherein the permissions arechecked at a predetermined frequency), in response to the post beingassociated with an unavailable, private, or deleted status, or inresponse to any other suitable trigger event. The old post can beincluded in previously defined post sets, indexed posts satisfying a setof search parameters (e.g., event posts), or any other suitable set ofposts. The previously defined post sets (predefined post set) can beautomatically compiled by the system, compiled by a user account (e.g.,by the third party), or otherwise generated. In a first example, thepredefined post set can be a set of posts associated with an event(e.g., an event content stream), wherein the posts within the set can bethe underlying post from which the event was determined, posts havingpost parameter values substantially similar to the event parametervalues, posts tagged with an event identifier, or any other suitablepost associated in any other suitable manner with the event. In a secondexample, predefined post set can be a set of public posts associatedwith the event. In a third example, the predefined post set can be a setof posts having parameter values matching a request. However, the oldpost can be individual posts or any other suitable set of posts.

In a second variation, the set of posts includes new posts, or poststhat had not been previously analyzed by the system (e.g., post thatdoes not have a post identifier within the system). New posts can beidentified for permissions analysis in response to new post receipt orin response to the occurrence of any other suitable trigger event. Thenew post can be a post that was authored or otherwise generated within apredetermined time duration (e.g., between a first and second uniquetimestamp) since a reference timestamp. The reference timestamp ispreferably the last time post was received from the respective postsource, but can alternatively or additionally be the last time post wasreceived from the user account, the timestamp of the last post receivedfrom the post source or user account, or be any other suitable time.Alternatively or additionally, the new post can be a post, received fromthe post source, which has not been indexed by the system. This can bedetermined based on a comparison between the post index and the postreceived from the system, wherein the new post can be identified as postlacking representation (e.g., a post identifier or file) within the postindex.

In one example, identifying the new post can include receiving a postsatisfying a set of search parameters from a post source, comparing thereturned post set with the indexed posts, and identifying a new post asposts within the returned post set that are not within the indexedposts. Examples of search parameters that can be used include a timelimitation, a geographic region limitation, a specified set of useraccounts, a specified set of events, a specified set of subject matter,a specified set of keywords, or any other suitable post parameter.Identifying the new post can additionally include requesting the postset from the post source (e.g., social networking system), wherein therequest can be sent to the post source through a public page, through anaccount associated with the third party, through a set of user accounts,or sent through any other suitable channel. The indexed set of postsused for the comparison can be limited by the search parameters, limitedby the post source (e.g., social networking system) from which thereturned post is received, limited by the user accounts through whichinformation is retrieved, or limited in any other suitable manner.Comparing the returned post set with the indexed post can includecomparing unique parameters of the post (e.g., timestamps, authoringuser account identifiers, post identifiers, etc.), but can alternativelyinclude comparing post subject matter, keywords, or any other suitablepost parameter. However, any other suitable set of posts can bedetermined in any other suitable manner.

4.3 Determining the Permissions Status for the Each of the Set of Posts.

Determining the permissions status for each of the set of posts S300functions to determine whether the post content of each post within theset is available to the third party. However, whether the post contentis available to the third party can be otherwise determined. Thepermissions status is preferably determined automatically upon detectionof the trigger event, but can alternatively be determined upon userresponse to the trigger event or at any other suitable time. Thepermissions status of the user account, prior posts authored by the useraccount, auxiliary accounts, prior posts authored by auxiliary accounts,posts sharing post parameter values authored by secondary users (e.g.,other event posts), or any other suitable set of posts can be determinedin response to detection of the trigger event. The permissions statuscan be public, private to a subset of secondary user accounts, privateto the authoring account only, or unavailable or deleted. However, anyother suitable permissions status can be determined. The determinedpermissions status is preferably stored in association with therespective identifier (e.g., post identifier or user identifier) in thepost analysis system, such that the permissions status can be used forsubsequent comparison, but the permissions status can alternatively oradditionally be used in any other suitable manner. A timestampreflecting the time at which the permissions status was determined canadditionally be stored in association with the post identifier.

Determining the permissions status for the identified set of posts(checking the permissions status) can include requesting informationfrom a post source (e.g., social networking system) for the post,determining the permissions status based on the received information,and updating the index with the permissions status. However, thepermissions status can be otherwise determined.

Requesting information from the post source (e.g., social networkingsystem) (e.g., querying a social networking system for permissionsinformation) functions to retrieve the permissions status from the postsource or retrieve information from the post source such that thepermissions status of the post can be inferred. The post source fromwhich the information is requested is preferably the post source fromwhich the post was received, but can alternatively be a linked postsource, a separate and discrete post source, or any other suitablecontent source. The permissions information that can be requested,queried, retrieved, or otherwise obtained can include: the permissionsstatus for the post, the permissions status for the authoring useraccount (e.g., privacy status, privacy summary, etc.), the permissionsstatus for the post source, or any other suitable permissionsinformation.

In a first variation, the post source provides an API (applicationprogramming interface) or other resource through which information canbe requested and received. In this variation, the permissions status forthe post or user account can be directly requested from the post source,through the API, based on the respective identifier or otherrepresentation for the post or user account, wherein the receivedpermissions status is subsequently recorded in association with the postidentifier or user account identifier in the post index, as shown inFIG. 2.

In a second variation, as shown in FIG. 3, the system can attempt todirectly access the post or authoring user account through the postsource. This can be particularly useful if the post source does notprovide an API or other channel through which the permissions status canbe directly queried. In this variation, the system can request the postusing the post identifier or other post representation (e.g., a URL),request the authoring user account using the user account identifier orother representation stored in the post index, or request any othersuitable information from the post source. The system can request thepost through one or more user accounts, such as the authoring account(e.g., wherein the permissions status for the post is directly retrievedor queried), a secondary account directly connected to the authoringaccount in the post source, a secondary account not directly connectedto the authoring account, through a public page (e.g., not logged intothe post source), and/or request the information from the post sourcethrough any other suitable login state. One or more attempts ataccessing the information through different login states can be madeconcurrently, serially, or in any other suitable order. For example, thesystem can attempt to access the information (e.g., post or authoringuser account) through a public page (e.g., through a logged-out state),attempt to access the information through the authoring user account inresponse to failure to retrieve the information through the public page,and attempt to retrieve the information through a secondary user accountconnected to the authoring user account in response to informationretrieval through the authoring user account. However, any othersuitable information can be requested in any other suitable manner ororder from the post source.

In a third variation, the system can request posts satisfying a set ofsearch parameters from the post source (e.g., social networking system),wherein the request can be sent through multiple accounts (e.g., throughboth the logged-in state and logged-out state), a single account, orthrough any other suitable set of accounts. The returned posts are thencompared against the indexed posts. In response to determination that anindexed post is no longer in the returned post set, the permissions forthe deviant post can be changed to private or deleted. Permissionsdetermination for posts authored by auxiliary user accounts canadditionally be triggered based on the discrepancy. This can betriggered whether or not the post was received from a post source withpost-level permissions or only account level permissions. In the formercase, all or a subset of co-authored posts (e.g., more recent postsauthored by the user account, posts sharing a common post parameter,etc.) can be analyzed. In the latter case, a single co-authored post canbe analyzed to verify the account level permission change. However, anysuitable volume of posts can be analyzed at any other suitable time.

Determining the permissions status based on the received informationfunctions to interpret the received information to determine the currentpermissions status of the post under review. The determined permissionsstatus for the post can additionally be used as or be used to determinethe permissions status of an authoring user account and/or all postsauthored by the account. For example, when the post source is known toonly have account-level permissions, the permissions status of a singlepost will be used as (e.g., stored as) the updated permissions status ofthe authoring user account and all posts authored by the account.

In a first variation, the returned permissions status that is receivedfrom the post source in response to a query for the permissions statusis considered the current permissions status for the post or useraccount. For example, the returned permissions status for a post can betreated as the current post permissions status, and the returnedpermissions status for a user account can be treated as the currentpermissions status for the user account and/or posts previously authoredby the user account (e.g., all previously authored posts, a subset ofpreviously authored posts, etc.).

In a second variation, the current permissions status is inferred basedon the accessible information and the means through which the attemptedinformation access was made. In a first embodiment, the post permissionsstatus can be inferred from the presence or absence of returned postcontent. For example, if the post was accessible through a public page(e.g., non-default information was returned, wherein default informationcan be an access denial, error, or other default information), a publicpermissions status can be assigned to the respective post as the post'scurrent permissions status. Additionally or alternatively, if defaultinformation is returned, the permissions can be determined from thereturned default information. For example, the post can be associatedwith a private permissions status when the returned information is afirst set of default information (e.g., access denial), and beassociated with a deleted permissions status when the returnedinformation is a second set of default information (e.g., informationnot found). If the post was inaccessible through the public page butaccessible through the authoring user account, then the post can beassociated with a private permissions status. If the post was accessiblethrough the authoring user account but inaccessible through a secondaryuser account connected to the authoring user account, then the post canbe associated with a private, author only access. If the post wasinaccessible through the public page but accessible through thesecondary user account connected to the authoring user account, then thepost can be associated with a private, limited access status. In aspecific example, the post permissions status determination can onlyinclude attempting to access the information or user account through thepublic page, which can function to reduce the number of processing stepsand increase the speed of analysis. This specific example can be usedfor permissions status verification before real-time display, or be usedin any other suitable manner.

In a second embodiment, the post permissions status can be determinedbased on the user account permissions status (e.g., be updated to matchthe current user account permissions status). The user accountpermissions status can be assigned as the post permissions status, orthe post permissions status can be individually determined. For example,the current permissions status for all posts authored by a user accountcan be set to a private status in response to the user accountpermissions status (e.g., user account permissions summary) beingprivate. In a specific example, if the user account is inaccessiblethrough the public page, then all posts authored by the user account canbe updated with a private status within the post index module. In asecond example, the current permissions status for all posts authored bya user account can be set to a public status in response to the useraccount permissions status (e.g., user account permissions summary)being public. In a specific example, if the post is accessible throughthe public page and the user account is on a post source with onlyaccount-level permissions, all posts authored by the user account can beassigned a public status within the post index module. In a thirdexample, the current permissions status for all posts authored by a useraccount can be individually checked in response to the user accountpermissions status (e.g., user account permissions summary) beingpublic. In a specific example, if the post is accessible through thepublic page and the user account is on a post source with post-levelpermissions, the permission settings for each post indexed within thepost index module authored by the user account can be individuallyanalyzed for. However, the post permissions status can be otherwisedetermined based on the permissions status of the authoring useraccount.

In a third embodiment, the authoring user account permissions status canbe determined based on the post permissions status. In a first example,the user account permissions status can be set to mirror the currentpermissions status. This can be used when only account-level permissionsare available on the respective post source, or when post-levelpermissions are available on the respective post source (e.g., whereinthe post analysis system identifies and applies the most restrictivepermissions access found within the set of authored posts). However, theauthoring user account permissions status can be otherwise determinedbased on the post permissions status.

In a fourth embodiment, the user account permissions status can bedetermined based on the permissions status of an auxiliary account. Thisembodiment can assume that a user wants the most current permissionsstatus to apply to all user accounts associated with the user across allpost sources (e.g., all social networking systems). The user accountpermissions status can mirror the permissions status of an auxiliaryaccount, be more restrictive than the auxiliary account permissionsstatus, be less restrictive than the auxiliary account permissionsstatus, or be otherwise related to the auxiliary account permissionsstatus. In a first example, the user account permissions status can beset to private in response to determination that the permissions statusof an auxiliary user account is private. In a second example, the useraccount permissions status can be set to public in response todetermination that the permissions status of an auxiliary user accountis public. In a third example, the user account permissions status canbe checked in response to determination that the permissions status ofan auxiliary user account is public. However, the user accountpermissions status can be otherwise determined.

In a fifth embodiment, the system can attempt to access the post and/oruser accounts through the user account of the third party entity,wherein the post can be assigned an available status for the third partywhen the post is accessible, and assigned an unavailable status for thethird party when the post is inaccessible. However, the permissionsstatus can be otherwise determined.

4.4 Storing the Updated Permissions in the Post Indexing System.

Updating the post index with the permissions status S400 functions torecord the newly-determined permissions status as the stored permissionsstatus for the post. Updating the index can include storing thedetermined status in association with the respective post identifier,the authoring user account, or in association with any other suitabledata structure. The permissions status can be stored with adetermination timestamp or be stored independent of a timestamp. In afirst example, the stored permissions status for the post can be set toa private status in response to the retrieved permissions status for thepost or authoring user account including restricted access (e.g.,private access, limited access, deleted, etc.). In a second example, thestored permissions status for the post can be set to mirror theretrieved permissions status for the post or authoring user account. Ina third example, the stored permissions status for the post can be setto public in response to the retrieved permissions status for the postor authoring user account including public access. However, the storedpermissions status can be otherwise updated.

The stored permissions status can be subsequently used as a referencepermissions status, used to filter the post identifiers beforetransmission to the third party system, or be used in any other suitablemanner. The recorded status can additionally be used to waivepermissions determination. For example, if the permissions status of apost was determined within a predetermined period of time of a referencetime (e.g., determined recently, such as within the last minute, thelast 30 seconds, last hour, etc.), the identifier for the respectivepost can be sent to the third party entity without re-determining thepermissions status. Alternatively, the private post, while relevant tothe third party's query, can be left out of the set of post identifiersent to the third party. However, the recorded status can be otherwiseused. Alternatively, the system can discard the recorded status afterdetermination without storing the status.

The post information (e.g., post identifier, post parameter values,etc.) is preferably stored by the post indexing module after postpermissions status determination (e.g., regardless of the postpermissions status), but can alternatively be selectively discardedbased on the post permissions status (e.g., information for privateposts discarded, etc.), discarded after post permissions statusdetermination, or otherwise post-processed. The retained postinformation is preferably subsequently used for population-level postanalysis, such as dynamic event determination. Furthermore, the postinformation is preferably retained because the permissions status of therespective post may change (e.g., be changed by the authoring useraccount from private to public) or have been incorrectly determined(e.g., wherein the unavailable status was determined because the postsource server hosting the post was down or otherwise unavailable), wherere-determination of the post information can constitute a waste ofprocessing power. However, the post information can be discarded orotherwise processed in response to determination of the permissionsstatus.

4.5 Re-Evaluating the Permissions Status for a Set of Posts.

The method can additionally include re-evaluating the permissions statusfor a set of posts, which functions to identify posts whose permissionsstatuses have been changed from private to public. The permissionsstatus is preferably re-evaluated in response to the occurrence of atrigger event, but can alternatively be re-evaluated at any othersuitable time.

In one variation, re-evaluating the permissions status includes queuingposts having private or deleted status for re-evaluation. This canfunction to determine whether the post was truly private or deleted, orif the post was categorized as private or deleted because the portion ofthe post source hosting the post was unavailable. For post sources thatenable per-post permission statuses, the system can stop re-queuing thesame private or deleted post (post identifier) for re-evaluation afterthe post has been checked a predetermined number of times (e.g., threetimes), has been checked after a predetermined period of time (e.g.,after 2 days), or has been checked after any other suitable conditionhas been satisfied. However, the system can continually re-queue thepost as long as the post has a predetermined status (e.g., private ordeleted, etc.). For post sources that only enable account-levelpermissions status, the system can stop re-queuing private or deletedpost from the authoring account after any post from the authoringaccount has been checked a predetermined number of times, checked aftera predetermined period of time, or checked after any other suitablecondition has been satisfied.

Additionally or alternatively, the method can include re-queuing thepost in response to determination that the post has a public status,which can function to verify that the public status of the post orauthoring account has not changed. The status of the public post can bechecked when a request for the post is received, or updated upon theoccurrence of any other suitable trigger event. Alternatively, themethod can determine the respective permissions status only in responseto a request to view the post.

In a second variation, re-evaluating the permissions status includes:receiving a new post having a different permissions status from thestored status for prior, co-authored posts and/or the authoring useraccount; and determining the permissions status for the authoring useraccount or the prior, co-authored posts in response to new post receipt.In a specific example, re-evaluating the permissions status includes:receiving a new post with a public permissions status, wherein thestored permissions status for the authoring user account and/or priorposts is private; and determining the permissions status for theauthoring user account and/or prior posts in response to receipt of thenew post with the public permissions status.

In a third variation, re-evaluating the permissions status can include:receiving a new post having a different permissions status from thestored status for an auxiliary account and/or prior posts authored bythe auxiliary account; and determining the permissions status for theauthoring user account, auxiliary user account, and/or prior postsauthored by the auxiliary account. In a specific example, re-evaluatingthe permissions status includes: receiving a new post with a publicpermissions status authored by a first user account; identifyingauxiliary accounts to the first user account, wherein the storedpermissions status for the auxiliary user accounts and/or prior postsauthored by the auxiliary account is private; and determining thepermissions status for the auxiliary user account and/or prior postsauthored by the auxiliary account in response to receipt of the new postwith the public permissions status.

In a fourth variation, re-evaluating the permissions status can include:aggregating a set of posts sharing a common characteristic (e.g., eventposts) into a content stream, regardless of the respective posts'permissions status; creating an edited content stream including thepublic posts from the content stream; periodically checking thepermissions status for each post identified within the post set; andmaintaining the edited content stream by adding newly-public posts tothe edited content stream and removing newly-private posts from theedited content stream. However, the permissions statuses can beotherwise re-evaluated.

4.6 Selective Post Transmission

The method can additionally include selectively transmitting the post,or a representation thereof (e.g., post identifier), to a third partysystem S500. This can function to enable a third party to access and/orview the post content. Selective post transmission to the third partycan include: receiving the post set request (e.g., request for a set ofposts), determining the post permissions status for each post within thepost set after post set request receipt, and selectively transmittingthe posts satisfying a set of post parameter conditions (e.g., onlyposts with public permissions statuses) to the third party after thepost permissions status for the post has been updated. However, the postcan be otherwise selectively transmitted in response to the satisfactionof any other suitable set of conditions. The requested post set can be apre-aggregated post set, such as an automatically generated eventcontent stream (e.g., including a set of posts associated with theevent), a pre-curated content stream, or any other suitablepredetermined post set stored by the post analysis system; be anundetermined post set; or be for any other suitable set of posts.

In a first variation, selectively transmitting the posts satisfying aset of post parameter conditions includes transmitting only posts orpost identifiers associated with a public permissions status,unrestricted permissions status, and/or public user account to the thirdparty. In a second variation, selectively transmitting the postssatisfying a set of post parameter conditions includes transmitting onlyposts or post identifiers with public permissions statuses or postsavailable to the third party system to the third party. However, postidentifiers associated with any other suitable permissions status can beselectively released to the third parties. However, posts having anyother suitable permissions status can be sent to the third party system.

In a first example, selectively transmitting posts to the third partysystem includes: receiving a query from the third party system,automatically aggregating post identifiers for posts with publicpermissions statuses and satisfying the query into a post set (e.g.,content stream), and transmitting the post identifiers within the postset to the third party system. This example can additionally include:checking the permissions status for each post identified within the postset prior to post transmission, and removing posts with non-publicpermissions statuses (e.g., restricted statuses, private statuses etc.)from the post set.

In a second example, selectively transmitting posts to the third partysystem includes: receiving a query from the third party system,automatically aggregating post identifiers for all posts satisfying thequery into a post set (e.g., content stream), checking the permissionsstatus for each post identified within the post set, removing posts withnon-public permissions statuses (e.g., restricted statuses, privatestatuses etc.) from the post set, and transmitting the post identifierswithin the edited post set to the third party system.

In a third example, selectively transmitting posts to the third partysystem includes: aggregating post identifiers sharing a commoncharacteristic (e.g., aggregating event posts) into a post set;periodically checking the permissions status for each post identifiedwithin the post set; maintaining an edited post set including the publicposts from the post set (e.g., by adding newly-public posts to theedited post set and removing newly-private posts from the edited postset); receiving a query from the third party system for the post set(e.g., after post set aggregation and edited post set maintenance,alternatively at any other suitable time); and transmitting the editedpost set to the third party in response to query receipt. However, thepost sets can be otherwise monitored to only release public postcontent.

Upon receipt of the post identifiers, the third party device can thenretrieve the post identified by the post identifiers from the respectivepost sources. Because the post permissions statuses were verified asaccessible prior to third party post identifier transmission, thirdparty confusion due to missing post can be minimized by eliminating thepost identifiers for post that is inaccessible to the third party fromthe list. However, third party access to the post content can beotherwise provided.

4.7 Third Party Interactions.

The method can additionally include enabling third party communicationwith the authoring user account, such that the third party can ask theauthoring user account for permission to distribute the authored post.In a first variation, the method includes embedding authoring useraccount information (e.g., contact information) in the post list sent tothe third party, such that third party selection of the post or anassociated icon can link the third party to a contact form accessedthrough the authoring user account information. Additionally oralternatively, the contact form can be a contact form provided by thesource post source.

The method can additionally include enabling third party contact withthe subject of the media (e.g., a second user of whom the picture isof), wherein the subject information (e.g., subject's user account,subject's contact information) can be determined during post indexingand/or permissions determination (e.g., through tags associated with thepost) and associated with the respective post identifier sent to thethird party. However, method can enable third party contact with anyother suitable set of users.

An alternative embodiment preferably implements the above methods in acomputer-readable medium storing computer-readable instructions. Theinstructions are preferably executed by computer-executable componentspreferably integrated with a post analysis system. The post analysissystem can include a post retrieval system, a post index system, and apost analysis system. The computer-readable medium may be stored on anysuitable computer readable media such as RAMs, ROMs, flash memory,EEPROMs, optical devices (CD or DVD), hard drives, floppy drives, or anysuitable device. The computer-executable component is preferably aprocessor but the instructions may alternatively or additionally beexecuted by any suitable dedicated hardware device.

Although omitted for conciseness, the preferred embodiments includeevery combination and permutation of the various system components andthe various method processes.

As a person skilled in the art will recognize from the previous detaileddescription and from the figures and claims, modifications and changescan be made to the preferred embodiments of the invention withoutdeparting from the scope of this invention defined in the followingclaims.

We claim:
 1. A method for user-generated content privacy control,comprising: receiving a plurality of posts from a plurality of socialnetworking systems, each post of the plurality uniquely identified by apost identifier and authored by a different user account on therespective social networking system; determining post parameter valuesfor each post of the plurality; storing a stored permissions status foreach post of the plurality; detecting an event based on the postparameter values of the plurality of posts; aggregating post identifiersfor posts of the plurality related to the event into an event contentstream for the event; receiving a request for the event content streamfrom a third party; in response to receipt of the request, for each postidentifier within the event content stream: checking a permissionsstatus for the respective post, comprising querying the respectivesocial networking system from which the respective post was received fora permissions status of the respective post; in response to thepermissions status for the respective post comprising restricted access:setting the stored permissions status for the respective post to aprivate status, querying the social networking system for a permissionsstatus of the respective user account authoring the respective post, andsetting permissions statuses for all posts authored by the respectiveuser account to private in response to the permissions status comprisinga private categorization; generating an edited event content stream byremoving post identifiers associated with private permissions statusesfrom the event content stream after checking permissions statuses foreach post identifier within the event content stream; and sending theedited event content stream to the third party.
 2. The method of claim1, wherein detecting an event based on the post parameter values of theplurality of posts comprises: for each of a plurality of geofences,determining a geofence parameter value from the post parameter values ofthe posts of the plurality that are associated with the geofence; anddetecting the event within a geofence of the plurality of geofences inresponse to the respective geofence parameter value deviating, beyond apredetermined threshold, from a baseline parameter value, wherein thebaseline parameter value is determined based on post parameter values ofhistoric posts associated with the geofence.
 3. The method of claim 2,wherein the geofence parameter value comprises an occurrence frequencyof a post parameter value; wherein the baseline parameter valuecomprises an average occurrence frequency of the post parameter value.4. The method of claim 2, further comprising: receiving subsequent postsfrom the plurality of social networking systems, wherein the subsequentposts comprise both geofence posts and global posts, wherein thegeofence posts comprise posts of the plurality associated with thegeofence, and the global posts comprise posts of the pluralityassociated with geographic identifiers outside of the geofence;identifying subsequent event posts from the subsequent posts, thesubsequent event posts comprising subsequent posts that are related tothe event; automatically updating the event content stream with postidentifiers of the subsequent event posts, such that the event contentstream is updated in near-real time; automatically checking thepermissions status for each post identifier within the event contentstream at a predetermined frequency; and automatically updating theedited event content stream based on the permissions status of each postidentifier within the event content stream at a second predeterminedfrequency.
 5. The method of claim 1, wherein the event content streamconsists essentially of post identifiers for event posts comprisingimage frames.
 6. The method of claim 1, further comprising validatingthe event prior to sending the edited event content stream, whereinvalidating the event comprises: determining an anomaly probability forthe event, based on historic posts associated with a geofence associatedwith the event and the post parameter values for posts of the pluralitythat are associated with the event and the geofence; and validating theevent in response to the anomaly probability exceeding a thresholdanomaly probability.
 7. The method of claim 1, further comprising:receiving, from the third party, a use request associated with aselected post identifier of the edited content stream; in response toreceipt of the use request: identifying the social networking systemfrom which the identified post was received and identifying the authorthat generated the post identified by the selected post identifier;sending a permissions request to the author through the socialnetworking system, the permissions request comprising an accept optionand a deny option; and removing the selected post identifier from theedited content stream in response to receipt of the deny option from theauthor.
 8. The method of claim 7, further comprising: storing the denyoption with the selected post identifier; wherein generating the editedcontent stream further comprises removing post identifiers stored with adeny option from the edited content stream.
 9. The method of claim 1,further comprising: receiving post identifier selections from the editedevent content stream from the third party; aggregating the postidentifier selections into a publication stream; and in response toreceipt of a live broadcast request from the third party: checking thepermissions status for the post identifiers within the publicationstream; generating an edited publication stream by removing postidentifiers associated with private permissions statuses from thepublication stream after checking the permissions status; and sendingthe edited publication stream to the third party.
 10. The method ofclaim 9, further comprising: receiving an endpoint URI from the thirdparty; classifying the endpoint URI as the live broadcast request; andceasing aggregation of the post identifier selections into thepublication stream in response to live broadcast request receipt;wherein sending the edited publication stream to the third partycomprises sending the edited publication stream to the endpoint URI. 11.The method of claim 9, comprising, after receipt of the live broadcastrequest: receiving subsequent posts from the plurality of socialnetworking systems; identifying subsequent event posts from thesubsequent posts, the subsequent event posts comprising subsequent poststhat are related to the event; automatically updating the event contentstream with post identifiers of the subsequent event posts, such thatthe event content stream is updated in near-real time; automaticallychecking the permissions status for each post identifier within theevent content stream at a predetermined frequency; and automaticallyupdating the edited event content stream based on the permissions statusof each post identifier within the event content stream at a secondpredetermined frequency.
 12. The method of claim 1, further comprising:determining event parameter values for the event based on the postparameter values for posts of the plurality related to the event;sending an event notification to the third party in response to theevent parameter values satisfying a set of event parameter requirementsassociated with the third party, wherein the request is received fromthe third party as a third party response to the event notification; andautomatically updating the event parameter values in near-real timebased on subsequently received posts received from the plurality ofsocial networking systems.
 13. The method of claim 1, the method furthercomprising: including a post identifier within the event content streamin response to the identified post being classified as an event post foran event having a news event probability above a threshold probabilityvalue specified by the third party; and including the post identifierwithin a second content stream associated with a second third party,separate from the third party, in response to the identified postcomprising an image including a portion of a predetermined logospecified by the second third party.
 14. The method of claim 13, furthercomprising: receiving a post identifier selection from the secondcontent stream from the second third party; receiving an endpoint URIfrom the second third party; sending the post identifier selection tothe endpoint URI at a publication time in response to receipt of thepost identifier selection; and determining a measure of exposure for thepost identified by the selected post identifier.
 15. The method of claim14, wherein the measure of exposure is determined through the endpointURI and based on a social graph of the respective author within therespective social networking system.
 16. The method of claim 1, furthercomprising: in response to storing the stored permissions status foreach post of the plurality of posts, comparing the permissions status ofeach post of the plurality of posts with a stored permissions status forthe respective authoring user account; and in response to determinationof a discrepancy between a post permissions status and the storedpermissions status for the respective authoring user account: queryingthe respective social networking system from which the post was receivedfor a second permissions status of the respective user account; andupdating a stored permissions status for each post authored by therespective user account in response to the second permissions statuscomprising a different permissions status from the stored permissionsstatus.
 17. The method of claim 16, wherein updating the storedpermissions status comprises setting the stored permissions status forall posts authored by the respective user account to private in responseto the second permissions status comprising a private status.
 18. Themethod of claim 1 further comprising: determining a geographicidentifier and a timestamp for each post of the plurality of posts;wherein detecting the event comprises detecting the event within ageofence at a first time based on the post parameter values of geofenceposts, wherein geofence posts are posts of the plurality of posts thatare associated with geographic identifiers within the geofence andassociated with timestamps within a predetermined time duration of thefirst time; and wherein the post identifiers for the posts of theplurality of posts related to the event comprise post identifiers forgeofence posts that are associated with the first geographic identifierand with the detected event, as determined based on the respective postparameter values.
 19. The method of claim 18, further comprisingvalidating the event prior to sending the event notification, whereinvalidating the event comprises: determining an anomaly probability forthe post, based on historic posts from the authors of the event postsand historic posts associated with the geofence; and validating theevent in response to the anomaly probability exceeding a thresholdanomaly probability.
 20. The method of claim 1, further comprising:receiving a second post having a public permissions status from a firstsocial networking system of the plurality of social networking systems,the second post authored by a user account that authored a first post ofthe plurality of posts, the user account having a private storedpermissions status; querying the first social networking system for apermissions status of each post authored by the user account; andupdating the stored permissions status of each post authored by the useraccount to match a received permissions status, received from the firstsocial networking system, for the respective post.